All Products
Search

This Product

    Anti-DDoS:Use OpenAPI sample code

    Document Center

    Anti-DDoS:Use OpenAPI sample code

    Last Updated:Mar 31, 2026

    This guide walks you through calling the DescribeInstanceList operation to query your Anti-DDoS Origin instances — from setting up a RAM user to running sample Python code and verifying the response.

    Prerequisites

    Before you begin, ensure that you have:

    • An Alibaba Cloud account

    • Python 3 installed (Download Python 3)

    • Basic familiarity with running commands in a terminal

    How it works

    The workflow consists of three phases:

    1. Set up identity and permissions — Create a Resource Access Management (RAM) user and grant it the Anti-DDoS Origin policy.

    2. Prepare your Python environment — Configure credentials as environment variables and install the required packages.

    3. Run sample code — Download the generated sample from OpenAPI Explorer and verify the response.

    Set up identity and permissions

    Anti-DDoS Origin supports three identity types: an Alibaba Cloud account, a RAM user, or a RAM role. This guide uses a RAM user.

    Create a RAM user

    1. Log in to the RAM console.

    2. Create a RAM user and record the AccessKey pair. For instructions, see Create a RAM user.

    For background on identity types and credentials, see Identity, credential, and authorization.

    Grant permissions

    1. Go to the Users page in the RAM console.

    2. Find the RAM user and click Add Permissions in the Actions column.

    3. In the Policy section, search for Yundunddos and select AliyunYundunDDosFullAccess.

    4. Click Grant permissions.

    Anti-DDoS Origin provides two system policies:
    AliyunYundunAntiDDoSBagFullAccess — full management permissions
    AliyunYundunAntiDDoSBagReadOnlyAccess — read-only access For custom policies, see RAM authorization.

    Create an AccessKey pair

    By default, an AccessKey pair is generated when you create a RAM user. If you need to create one manually:

    1. Open the RAM user's details page.

    2. On the Authentication tab, click Create AccessKey.

    3. Save the AccessKey ID and AccessKey Secret. For details, see Create an AccessKey pair.

    Prepare your Python environment

    Configure environment variables

    Store your credentials as environment variables to avoid hard-coding them in your source code. Set the following variables:

    • ALIBABA_CLOUD_ACCESS_KEY_ID — your AccessKey ID

    • ALIBABA_CLOUD_ACCESS_KEY_SECRET — your AccessKey Secret

    For setup instructions on Linux, macOS, and Windows, see Configure the Alibaba Cloud AccessKey environment variable.

    Install dependencies

    pip install alibabacloud_credentials
pip install alibabacloud_ddosbgp20180720==2.0.2
pip install alibabacloud_tea_console

    Call DescribeInstanceList

    The DescribeInstanceList operation returns details for one or more Anti-DDoS Origin instances. See the API reference for the full parameter list and the API overview for all available operations.

    Download sample code

    1. Open Call URLDescribeInstanceList in OpenAPI Explorer.

    2. Set the following parameters, then click Initiate Call:

      ParameterValue
      InstanceIdList["ddosbgp-cn-nwy36lfg****","ddosbgp-cn-zxu3ajul****"]
      RegionIdcn-hangzhou
      PageNo1
      PageSize10

    3. Click the SDK Sample Code tab, then select Python in the Languages section.

    4. Click Download Project to download the sample code package.

    5. Extract the package and navigate to the alibabacloud_sample directory.

    Run the sample

    python sample.py

    Verify the result

    A successful call returns a JSON response listing your instances:

    {
  "RequestId": "116D9BB2-57C0-5757-AFFB-8DE6FB13F8FC",
  "Total": 2,
  "InstanceList": [
    {
      "Status": "1",
      "GmtCreate": 1681983249000,
      "AutoRenewal": true,
      "IpType": "IPv6",
      "InstanceId": "ddosbgp-cn-nwy36lfg****",
      "BlackholdingCount": 0,
      "ExpireTime": 1713628800000,
      "InstanceType": "1",
      "CoverageType": 0,
      "Remark": "ddos_ipv6_auto"
    },
    {
      "Status": "1",
      "GmtCreate": 1688628005000,
      "AutoRenewal": true,
      "IpType": "IPv4",
      "InstanceId": "ddosbgp-cn-zxu3ajul****",
      "BlackholdingCount": 0,
      "ExpireTime": 1720281600000,
      "InstanceType": "1",
      "CoverageType": 0,
      "Remark": "ddos_autotest"
    }
  ]
}

    If the response contains your instance IDs in InstanceList, the call succeeded.

    If you see an error or an empty InstanceList, check the following:

    • The environment variables ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET are set correctly.

    • The RAM user has the AliyunYundunDDosFullAccess policy attached.

    • The RegionId matches the region where your instances are deployed.

    What's next

    • Browse all available Anti-DDoS Origin operations in the API overview.

    • Use the same pattern to call other operations by replacing DescribeInstanceList with your target operation in OpenAPI Explorer.